AAPT subject of data breach
- 26 July, 2012 16:09
Internet service provider (ISP), AAPT, has confirmed that it was the target of a data breach which affected some AAPT business customer data stored on servers in Melbourne.
AAPT CEO, David Yuile, said in a statement that the incident was brought to its attention by service provider, Melbourne IT, at approximately 9:30pm (AEST) last night.
“Preliminary findings suggest it was two files that were compromised and the data is historic, with limited personal customer information,” he said.
“Further, the servers on which the files were stored have not been used or connected to AAPT for at least 12 months.”
Hacktivst group, Anonymous, which had threatened to release 40GB of data from an ISP in protest over the Australian Government’s proposed data retention laws--which could mean every internet users' entire Web history is logged and stored for up to two years--posted a message on its Par:AnoIA Twitter account:
“Apparently rumors are spreading much already. Let us point the attention to this link: http://en.wikipedia.org/wiki/AAPT.”
Operation Australia recently tweeted, “We can promise you. That the leak is not fake. We know, and the certain ISP knows.”
IBRS analyst, James Turner, told CIO Australia that the issue for AAPT is that an alleged group of hackers is attacking a third party and then claiming the attack is a political statement.
“It's like stealing an individual's car and then saying it was a protest against the number of red light cameras,” he said.
“Whoever committed this attack clearly hadn't thought through what they were doing, and certainly not why they were doing it. This attack actually helps support the government's case.”
According to Turner, attacks against civilians, or in this case an unrelated organisation, merely galvanises the Australian Government’s resolve to not be beaten.
“It’s likely that public support for ISPs being made to track user activity will actually increase -- as a direct result of this attack.”
Earlier in the week, Anonymous claimed credit for taking down at least 10 Queensland government websites in protest over the proposed data retention rules.
According to a blog posting entitled Par:Onia members of the group used an authentication bypass to loot some “booty” from Queensland government servers which, according to Anonymous, showed how the Australian government was monitoring citizen's activity online.
Follow Hamish Barwick on Twitter: @HamishBarwick
Follow CIO Australia on Twitter: @CIO_Australia
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.
Why change management doesn’t work
Larry Page wants to see your medical records
Dual-Persona Smartphones Not a BYOD Panacea
After two-year hiatus, EFF accepts bitcoin donations again
CIOs struggle to deliver timely mobile business apps: survey
Tolly Report: Performance Survey of Virtual Environment Security
This report by Tolly tests the system resource requirements of competing vendor solutions when performing on-demand and on-access scanning functions, during distributed definition updates. Click to download how the four competing options ranked against each other.
Advanced Persistent Threats and Real-Time Threat Management
Businesses face a constantly evolving threat landscape. One of the greatest challenges is presented by advanced persistent threats (APTs), which are sophisticated, multi‐faceted attacks targeting a particular organisation. Mitigating the risk of APTs requires advances beyond traditional layered security to include real‐time threat management. This whitepaper describes the nature of APTs, the risks they pose to businesses, and techniques for blocking, detecting, and containing APTs and other emerging threats. Read now.
In Control at Layer 2: A Tectonic Shift in Network Security
Network hacking and corporate espionage are on the rise and set to intensify. Information security risks remain commonplace, and most organisations need to increase vigilance. This paper has analyses the realistic threats to fibre optic Ethernet networks – both at the LAN and WAN level. Read now.